package cn.zs.supply.common.core.security.simple;

import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;

import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/** 配置路径访问限制,若你的用户角色比较简单,不需要存数据库,
 * 可以在ApplicationConfigurerAdapter里配置如
 *  httpSecurity
 *  .authorizeRequests()
 *  .antMatchers("/order").....
 */
@Component("accessDecisionService")
public class AccessDecisionService {

    private AntPathMatcher antPathMatcher = new AntPathMatcher();

    public boolean hasPermission(HttpServletRequest request, Authentication auth) {
        String data [] = {"/swagger*","/v2/*","/webjars/**","/app.js*"};
        String p=request.getRequestURI();
        for (String url : Arrays.asList(data)) {
            //System.out.println(url+":"+p+":"+antPathMatcher.match(url, request.getRequestURI()));
            if (antPathMatcher.match(url, request.getRequestURI())) {
                return true;
            }
        }
        if (auth instanceof AnonymousAuthenticationToken) {
           return false;
        }
        UserDetails user = (UserDetails) auth.getPrincipal();
        String userName = user.getUsername();
        if(user!=null){
            return true;
        }
        return false;
        /***

        /**
        List<String> urls = queryUrlByUserName(userName);
        for (String url : urls) {
            if (antPathMatcher.match(url, request.getRequestURI())) {
                return true;
            }
        }
         **/
    }

    /**
     *
     *
     * @param userName
     * @return
     */
    private List<String> queryUrlByUserName(String userName) {


        switch (userName) {
            case "admin":
                return Arrays.asList("/innerMsg", "/secret");
            case "user":
                return Arrays.asList("/innerMsg");
            default:
                return new ArrayList<>();
        }


    }
}
